public static byte[] EncryptDES(byte[] data, byte[] derivedKey) { byte[] output = null; try { KeyParameter keyparam = ParameterUtilities.CreateKeyParameter("DES", derivedKey); IBufferedCipher cipher = CipherUtilities.GetCipher("DES/ECB/ISO7816_4PADDING"); cipher.Init(true, keyparam); try { output = cipher.DoFinal(data); return(output); } catch (System.Exception ex) { throw new CryptoException(ex.Message); } } catch (Exception ex) { } return(output); }
protected internal virtual AlgorithmIdentifier GetAlgorithmIdentifier( string encryptionOid, KeyParameter encKey, Asn1Encodable asn1Params, out ICipherParameters cipherParameters) { Asn1Object asn1Object; if (asn1Params != null) { asn1Object = asn1Params.ToAsn1Object(); cipherParameters = ParameterUtilities.GetCipherParameters( encryptionOid, encKey, asn1Object); } else { asn1Object = DerNull.Instance; cipherParameters = encKey; } return(new AlgorithmIdentifier( new DerObjectIdentifier(encryptionOid), asn1Object)); }
private void doTestAlgorithm( string name, byte[] keyBytes, byte[] iv, byte[] plainText, byte[] cipherText) { KeyParameter key = ParameterUtilities.CreateKeyParameter(name, keyBytes); IBufferedCipher inCipher = CipherUtilities.GetCipher(name); IBufferedCipher outCipher = CipherUtilities.GetCipher(name); if (iv != null) { inCipher.Init(true, new ParametersWithIV(key, iv)); outCipher.Init(false, new ParametersWithIV(key, iv)); } else { inCipher.Init(true, key); outCipher.Init(false, key); } byte[] enc = inCipher.DoFinal(plainText); if (!AreEqual(enc, cipherText)) { Fail(name + ": cipher text doesn't match"); } byte[] dec = outCipher.DoFinal(enc); if (!AreEqual(dec, plainText)) { Fail(name + ": plain text doesn't match"); } }
private void aliasTest( KeyParameter key, string primary, params string[] aliases) { IMac mac = MacUtilities.GetMac(primary); // // standard DAC - zero IV // mac.Init(key); mac.BlockUpdate(input, 0, input.Length); byte[] refBytes = new byte[mac.GetMacSize()]; mac.DoFinal(refBytes, 0); for (int i = 0; i != aliases.Length; i++) { mac = MacUtilities.GetMac(aliases[i]); mac.Init(key); mac.BlockUpdate(input, 0, input.Length); byte[] outBytes = new byte[mac.GetMacSize()]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, refBytes)) { Fail("Failed - expected " + Hex.ToHexString(refBytes) + " got " + Hex.ToHexString(outBytes)); } } }
/** * initialise a RC2 cipher. * * @param forEncryption whether or not we are for encryption. * @param parameters the parameters required to set up the cipher. * @exception ArgumentException if the parameters argument is * inappropriate. */ public void Init( bool forEncryption, ICipherParameters parameters) { this.encrypting = forEncryption; if (parameters is RC2Parameters) { RC2Parameters param = (RC2Parameters)parameters; workingKey = GenerateWorkingKey(param.GetKey(), param.EffectiveKeyBits); } else if (parameters is KeyParameter) { KeyParameter param = (KeyParameter)parameters; byte[] key = param.GetKey(); workingKey = GenerateWorkingKey(key, key.Length * 8); } else { throw new ArgumentException("invalid parameter passed to RC2 init - " + parameters.GetType().Name); } }
private static void hmac_hash(IDigest digest, byte[] secret, byte[] seed, byte[] output) { HMac mac = new HMac(digest); KeyParameter param = new KeyParameter(secret); byte[] a = seed; int size = digest.GetDigestSize(); int iterations = (output.Length + size - 1) / size; byte[] buf = new byte[mac.GetMacSize()]; byte[] buf2 = new byte[mac.GetMacSize()]; for (int i = 0; i < iterations; i++) { mac.Init(param); mac.BlockUpdate(a, 0, a.Length); mac.DoFinal(buf, 0); a = buf; mac.Init(param); mac.BlockUpdate(a, 0, a.Length); mac.BlockUpdate(seed, 0, seed.Length); mac.DoFinal(buf2, 0); Array.Copy(buf2, 0, output, (size * i), System.Math.Min(size, output.Length - (size * i))); } }
/// <exception cref="IOException"></exception> public virtual byte[] DecodeCiphertext(long seqNo, byte type, byte[] ciphertext, int offset, int len) { if (GetPlaintextLimit(len) < 0) { throw new TlsFatalAlert(AlertDescription.decode_error); } KeyParameter macKey = InitRecord(decryptCipher, false, seqNo, decryptIV); int plaintextLength = len - 16; byte[] additionalData = GetAdditionalData(seqNo, type, plaintextLength); byte[] calculatedMac = CalculateRecordMac(macKey, additionalData, ciphertext, offset, plaintextLength); byte[] receivedMac = Arrays.CopyOfRange(ciphertext, offset + plaintextLength, offset + len); if (!Arrays.ConstantTimeAreEqual(calculatedMac, receivedMac)) { throw new TlsFatalAlert(AlertDescription.bad_record_mac); } byte[] output = new byte[plaintextLength]; decryptCipher.ProcessBytes(ciphertext, offset, plaintextLength, output, 0); return(output); }
private Asn1Object CreateDERForRecipient(byte[] inp, X509Certificate cert) { String s = "1.2.840.113549.3.2"; byte[] outp = new byte[100]; DerObjectIdentifier derob = new DerObjectIdentifier(s); byte[] keyp = IVGenerator.GetIV(16); IBufferedCipher cf = CipherUtilities.GetCipher(derob); KeyParameter kp = new KeyParameter(keyp); byte[] iv = IVGenerator.GetIV(cf.GetBlockSize()); ParametersWithIV piv = new ParametersWithIV(kp, iv); cf.Init(true, piv); int len = cf.DoFinal(inp, outp, 0); byte[] abyte1 = new byte[len]; System.Array.Copy(outp, 0, abyte1, 0, len); DerOctetString deroctetstring = new DerOctetString(abyte1); KeyTransRecipientInfo keytransrecipientinfo = ComputeRecipientInfo(cert, keyp); DerSet derset = new DerSet(new RecipientInfo(keytransrecipientinfo)); Asn1EncodableVector ev = new Asn1EncodableVector(); ev.Add(new DerInteger(58)); ev.Add(new DerOctetString(iv)); DerSequence seq = new DerSequence(ev); AlgorithmIdentifier algorithmidentifier = new AlgorithmIdentifier(derob, seq); EncryptedContentInfo encryptedcontentinfo = new EncryptedContentInfo(PkcsObjectIdentifiers.Data, algorithmidentifier, deroctetstring); EnvelopedData env = new EnvelopedData(null, derset, encryptedcontentinfo, null); Org.BouncyCastle.Asn1.Cms.ContentInfo contentinfo = new Org.BouncyCastle.Asn1.Cms.ContentInfo(PkcsObjectIdentifiers.EnvelopedData, env); return(contentinfo.ToAsn1Object()); }
private static void decrypt(String privateKeyPath, String encryptedCEK, String iv, String encryptedRecordingPath, String decryptedRecordingPath) { // 2) Retrieve customer private key corresponding to public_key_sid and use it to decrypt base 64 decoded // encrypted_cek via RSAES-OAEP-SHA256-MGF1 Object pemObject; using (var txtreader = File.OpenText(@privateKeyPath)) pemObject = new PemReader(txtreader).ReadObject(); var privateKey = (RsaPrivateCrtKeyParameters)((pemObject.GetType() == typeof(AsymmetricCipherKeyPair)) ? ((AsymmetricCipherKeyPair)pemObject).Private : pemObject); var rsaDecryptEngine = CipherUtilities.GetCipher("RSA/ECB/OAEPWITHSHA256ANDMGF1PADDING"); rsaDecryptEngine.Init(false, privateKey); var encryptedCekArr = Convert.FromBase64String(encryptedCEK); var decryptedCekArr = rsaDecryptEngine.DoFinal(encryptedCekArr); // 3) Initialize a AES256-GCM SecretKey object with decrypted CEK and base 64 decoded iv var aesDecryptEngine = CipherUtilities.GetCipher("AES/GCM/NOPADDING"); KeyParameter keyParameter = ParameterUtilities.CreateKeyParameter("AES", decryptedCekArr); ICipherParameters cipherParameters = new ParametersWithIV(keyParameter, Convert.FromBase64String(iv)); aesDecryptEngine.Init(false, cipherParameters); // 4) Decrypt encrypted recording using the SecretKey var decryptedFile = File.Create(@decryptedRecordingPath); CipherStream cipherStream = new CipherStream(File.OpenRead(@encryptedRecordingPath), aesDecryptEngine, null); cipherStream.CopyTo(decryptedFile); decryptedFile.Close(); }
public void Init(ICipherParameters parameters) { //IL_001c: Unknown result type (might be due to invalid IL or missing references) //IL_0045: Unknown result type (might be due to invalid IL or missing references) byte[] nonce = null; if (cipher != null) { if (!(parameters is ParametersWithIV)) { throw new ArgumentException("Poly1305 requires an IV when used with a block cipher.", "parameters"); } ParametersWithIV parametersWithIV = (ParametersWithIV)parameters; nonce = parametersWithIV.GetIV(); parameters = parametersWithIV.Parameters; } if (!(parameters is KeyParameter)) { throw new ArgumentException("Poly1305 requires a key."); } KeyParameter keyParameter = (KeyParameter)parameters; SetKey(keyParameter.GetKey(), nonce); Reset(); }
/** * decrypt the content and return an input stream. */ public override CmsTypedStream GetContentStream( ICipherParameters key) { try { byte[] encryptedKey = info.EncryptedKey.GetOctets(); IWrapper keyWrapper = WrapperUtilities.GetWrapper(keyEncAlg.ObjectID.Id); keyWrapper.Init(false, key); KeyParameter sKey = ParameterUtilities.CreateKeyParameter( GetContentAlgorithmName(), keyWrapper.Unwrap(encryptedKey, 0, encryptedKey.Length)); return(GetContentFromSessionKey(sKey)); } catch (SecurityUtilityException e) { throw new CmsException("couldn't create cipher.", e); } catch (InvalidKeyException e) { throw new CmsException("key invalid in message.", e); } }
private void F( byte[] P, byte[] S, int c, byte[] iBuf, byte[] outBytes, int outOff) { byte[] state = new byte[hMac.GetMacSize()]; ICipherParameters param = new KeyParameter(P); hMac.Init(param); if (S != null) { hMac.BlockUpdate(S, 0, S.Length); } hMac.BlockUpdate(iBuf, 0, iBuf.Length); hMac.DoFinal(state, 0); Array.Copy(state, 0, outBytes, outOff, state.Length); for (int count = 1; count != c; count++) { hMac.Init(param); hMac.BlockUpdate(state, 0, state.Length); hMac.DoFinal(state, 0); for (int j = 0; j != state.Length; j++) { outBytes[outOff + j] ^= state[j]; } } }
/** * initialise a Salsa20 cipher. * * @param forEncryption whether or not we are for encryption. * @param params the parameters required to set up the cipher. * @exception ArgumentException if the params argument is * inappropriate. */ public void Init( bool forEncryption, ICipherParameters parameters) { /* * Salsa20 encryption and decryption is completely * symmetrical, so the 'forEncryption' is * irrelevant. (Like 90% of stream ciphers) */ ParametersWithIV ivParams = parameters as ParametersWithIV; if (ivParams == null) { throw new ArgumentException("Salsa20 Init requires an IV", "parameters"); } byte[] iv = ivParams.GetIV(); if (iv == null || iv.Length != 8) { throw new ArgumentException("Salsa20 requires exactly 8 bytes of IV"); } KeyParameter key = ivParams.Parameters as KeyParameter; if (key == null) { throw new ArgumentException("Salsa20 Init requires a key", "parameters"); } workingKey = key.GetKey(); workingIV = iv; setKey(workingKey, workingIV); }
public override void Init(Byte[] keyMaterial) { if (this.Mode != CipherMode.Cbc) { return; } /* client part */ this._clientIv = new Byte[this.IvLength]; Array.Copy(keyMaterial, this.MacKeyLength * 2 + this.KeyLength * 2, this._clientIv, 0, this.IvLength); this._clientKey = new KeyParameter(keyMaterial, this.MacKeyLength * 2, this.KeyLength); //Console.WriteLine("Client Key : "+ BitConverter.ToString(_clientKey.GetKey())); var keyAndIv = new ParametersWithIV(this._clientKey, this._clientIv, 0, this.IvLength); if (this.Mode == CipherMode.Cbc) // AEAD mode is initialized by other function { this.Ccipher.Reset(); this.Ccipher.Init(false, keyAndIv); } /* server part */ this._serverIv = new Byte[this.IvLength]; Array.Copy(keyMaterial, this.MacKeyLength * 2 + this.KeyLength * 2 + this.IvLength, this._serverIv, 0, this.IvLength); this._serverKey = new KeyParameter(keyMaterial, this.MacKeyLength * 2 + this.KeyLength, this.KeyLength); //Console.WriteLine("Server Key : " + BitConverter.ToString(_serverKey.GetKey())); keyAndIv = new ParametersWithIV(this._serverKey, this._serverIv, 0, this.IvLength); if (this.Mode == CipherMode.Cbc) { this.Scipher.Reset(); this.Scipher.Init(false, keyAndIv); } }
internal static void Receive(DHHandshakeContext context, BufLen data) { var reader = new BufRefLen(data); context.Y = new I2PPublicKey(reader, context.RemoteRI.Certificate); context.YBuf = context.Y.Key; var sharedkey = BufUtils.DHI2PToByteArray(context.Y.ToBigInteger().ModPow(context.PrivateKey.ToBigInteger(), I2PConstants.ElGamalP)); context.SessionKey = new I2PSessionKey(sharedkey); var key = new KeyParameter(context.SessionKey.Key.ToByteArray()); var enciv = new BufLen(context.HXxorHI.BaseArray, context.HXxorHI.Length - 16, 16); var deciv = new BufLen(context.YBuf, context.YBuf.Length - 16, 16); context.Encryptor = new CbcBlockCipher(new AesEngine()); context.Encryptor.Init(true, new ParametersWithIV(key, enciv.BaseArray, enciv.BaseArrayOffset, enciv.Length)); context.Dectryptor = new CbcBlockCipher(new AesEngine()); context.Dectryptor.Init(false, new ParametersWithIV(key, deciv.BaseArray, deciv.BaseArrayOffset, deciv.Length)); var encrbuf = new BufLen(reader, 0, 32 + 4 + 12); context.Dectryptor.ProcessBytes(encrbuf); context.HXY = reader.ReadBufLen(32); context.TimestampB = reader.ReadFlip32(); var checkhash = I2PHashSHA256.GetHash(context.XBuf, context.YBuf); if (!context.HXY.Equals(checkhash)) { throw new ChecksumFailureException("NTCP SessionCreated received HXY check failed!"); } }
private void doTest( string algorithm, byte[] input, byte[] output) { KeyParameter key = null; CipherKeyGenerator keyGen; SecureRandom rand; IBufferedCipher inCipher = null, outCipher = null; byte[] iv = null; CipherStream cIn, cOut; MemoryStream bIn, bOut; rand = new FixedSecureRandom(); string[] parts = algorithm.ToUpper(CultureInfo.InvariantCulture).Split('/'); string baseAlgorithm = parts[0]; string mode = parts.Length > 1 ? parts[1] : null; #if !INCLUDE_IDEA if (baseAlgorithm.Equals("IDEA")) { return; } #endif try { keyGen = GeneratorUtilities.GetKeyGenerator(baseAlgorithm); // TODO Add Algorithm property to CipherKeyGenerator? // if (!keyGen.getAlgorithm().Equals(baseAlgorithm)) // { // Fail("wrong key generator returned!"); // } // TODO Add new Init method to CipherKeyGenerator? // keyGen.Init(rand); keyGen.Init(new KeyGenerationParameters(rand, keyGen.DefaultStrength)); byte[] keyBytes = keyGen.GenerateKey(); if (algorithm.StartsWith("RC5")) { key = new RC5Parameters(keyBytes, rc5Rounds); } else { key = ParameterUtilities.CreateKeyParameter(baseAlgorithm, keyBytes); } inCipher = CipherUtilities.GetCipher(algorithm); outCipher = CipherUtilities.GetCipher(algorithm); if (!inCipher.AlgorithmName.ToUpper(CultureInfo.InvariantCulture).StartsWith(baseAlgorithm)) { Fail("wrong cipher returned!"); } ICipherParameters parameters = key; int ivLength = GetIVLength(algorithm); if (ivLength > 0) { if (baseAlgorithm == "RC2") { iv = rc2IV; } else if (baseAlgorithm == "RC5") { iv = rc5IV; } else if (baseAlgorithm == "RC5-64") { iv = rc564IV; } else { // NB: rand always generates same values each test run iv = rand.GenerateSeed(ivLength); } parameters = new ParametersWithIV(key, iv); } // NB: 'rand' still needed e.g. for some paddings parameters = new ParametersWithRandom(parameters, rand); outCipher.Init(true, parameters); } catch (Exception e) { Fail("" + algorithm + " failed initialisation - " + e.ToString(), e); } // // grab the iv if there is one // try { // The Java version set this implicitly, but we set it explicity //byte[] iv = outCipher.getIV(); if (iv != null) { // TODO Examine short IV handling for these FIPS-compliant modes in Java build if (mode.StartsWith("CFB") || mode.StartsWith("GOFB") || mode.StartsWith("OFB") || mode.StartsWith("OPENPGPCFB")) { // These modes automatically pad out the IV if it is short } else { try { byte[] nIv = new byte[iv.Length - 1]; inCipher.Init(false, new ParametersWithIV(key, nIv)); Fail("failed to pick up short IV"); } //catch (InvalidAlgorithmParameterException e) catch (ArgumentException) { // ignore - this is what we want... } } //IvParameterSpec spec = new IvParameterSpec(iv); inCipher.Init(false, new ParametersWithIV(key, iv)); } else { inCipher.Init(false, key); } } catch (Exception e) { Fail("" + algorithm + " failed initialisation - " + e.ToString()); } // // encryption pass // bOut = new MemoryStream(); cOut = new CipherStream(bOut, null, outCipher); try { for (int i = 0; i != input.Length / 2; i++) { cOut.WriteByte(input[i]); } cOut.Write(input, input.Length / 2, input.Length - input.Length / 2); cOut.Close(); } catch (IOException e) { Fail("" + algorithm + " failed encryption - " + e.ToString()); } byte[] bytes = bOut.ToArray(); if (!AreEqual(bytes, output)) { Fail("" + algorithm + " failed encryption - expected " + Hex.ToHexString(output) + " got " + Hex.ToHexString(bytes)); } // // decryption pass // bIn = new MemoryStream(bytes, false); cIn = new CipherStream(bIn, inCipher, null); try { BinaryReader dIn = new BinaryReader(cIn); bytes = new byte[input.Length]; for (int i = 0; i != input.Length / 2; i++) { bytes[i] = dIn.ReadByte(); } int remaining = bytes.Length - input.Length / 2; byte[] extra = dIn.ReadBytes(remaining); if (extra.Length < remaining) { throw new EndOfStreamException(); } extra.CopyTo(bytes, input.Length / 2); } catch (Exception e) { Fail("" + algorithm + " failed decryption - " + e.ToString()); } if (!AreEqual(bytes, input)) { Fail("" + algorithm + " failed decryption - expected " + Hex.ToHexString(input) + " got " + Hex.ToHexString(bytes)); } }
private void doRunTest( string name, int ivLength) { string lCode = "ABCDEFGHIJKLMNOPQRSTUVWXY0123456789"; string baseName = name; if (name.IndexOf('/') >= 0) { baseName = name.Substring(0, name.IndexOf('/')); } CipherKeyGenerator kGen = GeneratorUtilities.GetKeyGenerator(baseName); IBufferedCipher inCipher = CipherUtilities.GetCipher(name); IBufferedCipher outCipher = CipherUtilities.GetCipher(name); KeyParameter key = ParameterUtilities.CreateKeyParameter(baseName, kGen.GenerateKey()); MemoryStream bIn = new MemoryStream(Encoding.ASCII.GetBytes(lCode), false); MemoryStream bOut = new MemoryStream(); // In the Java build, this IV would be implicitly created and then retrieved with getIV() ICipherParameters cipherParams = key; if (ivLength > 0) { cipherParams = new ParametersWithIV(cipherParams, new byte[ivLength]); } inCipher.Init(true, cipherParams); // TODO Should we provide GetIV() method on IBufferedCipher? //if (inCipher.getIV() != null) //{ // outCipher.Init(false, new ParametersWithIV(key, inCipher.getIV())); //} //else //{ // outCipher.Init(false, key); //} outCipher.Init(false, cipherParams); CipherStream cIn = new CipherStream(bIn, inCipher, null); CipherStream cOut = new CipherStream(bOut, null, outCipher); int c; while ((c = cIn.ReadByte()) >= 0) { cOut.WriteByte((byte)c); } cIn.Close(); cOut.Flush(); cOut.Close(); byte[] bs = bOut.ToArray(); string res = Encoding.ASCII.GetString(bs, 0, bs.Length); if (!res.Equals(lCode)) { Fail("Failed - decrypted data doesn't match."); } }
private void doTestException( string name, int ivLength) { try { byte[] key128 = { (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143, (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143 }; byte[] key256 = { (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143, (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143, (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143, (byte)128, (byte)131, (byte)133, (byte)134, (byte)137, (byte)138, (byte)140, (byte)143 }; byte[] keyBytes; if (name.Equals("HC256")) { keyBytes = key256; } else { keyBytes = key128; } KeyParameter cipherKey = ParameterUtilities.CreateKeyParameter(name, keyBytes); ICipherParameters cipherParams = cipherKey; if (ivLength > 0) { cipherParams = new ParametersWithIV(cipherParams, new byte[ivLength]); } IBufferedCipher ecipher = CipherUtilities.GetCipher(name); ecipher.Init(true, cipherParams); byte[] cipherText = new byte[0]; try { // According specification Method engineUpdate(byte[] input, // int inputOffset, int inputLen, byte[] output, int // outputOffset) // throws ShortBufferException - if the given output buffer is // too // small to hold the result ecipher.ProcessBytes(new byte[20], 0, 20, cipherText, 0); // Fail("failed exception test - no ShortBufferException thrown"); Fail("failed exception test - no DataLengthException thrown"); } // catch (ShortBufferException e) catch (DataLengthException) { // ignore } // NB: The lightweight engine doesn't take public/private keys // try // { // IBufferedCipher c = CipherUtilities.GetCipher(name); // // // Key k = new PublicKey() // // { // // // // public string getAlgorithm() // // { // // return "STUB"; // // } // // // // public string getFormat() // // { // // return null; // // } // // // // public byte[] getEncoded() // // { // // return null; // // } // // // // }; // AsymmetricKeyParameter k = new AsymmetricKeyParameter(false); // c.Init(true, k); // // Fail("failed exception test - no InvalidKeyException thrown for public key"); // } // catch (InvalidKeyException) // { // // okay // } // // try // { // IBufferedCipher c = CipherUtilities.GetCipher(name); // // // Key k = new PrivateKey() // // { // // // // public string getAlgorithm() // // { // // return "STUB"; // // } // // // // public string getFormat() // // { // // return null; // // } // // // // public byte[] getEncoded() // // { // // return null; // // } // // // // }; // // AsymmetricKeyParameter k = new AsymmetricKeyParameter(true); // c.Init(false, k); // // Fail("failed exception test - no InvalidKeyException thrown for private key"); // } // catch (InvalidKeyException) // { // // okay // } } catch (Exception e) { Fail("unexpected exception.", e); } }
// Token: 0x060000E0 RID: 224 RVA: 0x00007CA0 File Offset: 0x00005EA0 public virtual void Init(bool forEncryption, ICipherParameters parameters) { this.forEncryption = forEncryption; this.macBlock = null; this.initialised = true; if (!(parameters is AeadParameters)) { throw new ArgumentException("invalid parameters passed to GCM"); } AeadParameters aeadParameters = (AeadParameters)parameters; byte[] array = aeadParameters.GetNonce(); this.initialAssociatedText = aeadParameters.GetAssociatedText(); int num = aeadParameters.MacSize; if (num < 32 || num > 128 || num % 8 != 0) { throw new ArgumentException("Invalid value for MAC size: " + num); } this.macSize = num / 8; KeyParameter key = aeadParameters.Key; int num2 = forEncryption ? 16 : (16 + this.macSize); this.bufBlock = new byte[num2]; if (array == null || array.Length < 1) { throw new ArgumentException("IV must be at least 1 byte"); } if (forEncryption && this.nonce != null && Arrays.AreEqual(this.nonce, array)) { if (key == null) { throw new ArgumentException("cannot reuse nonce for GCM encryption"); } if (this.lastKey != null && Arrays.AreEqual(this.lastKey, key.GetKey())) { throw new ArgumentException("cannot reuse nonce for GCM encryption"); } } this.nonce = array; if (key != null) { this.lastKey = key.GetKey(); } if (key != null) { this.cipher.Init(true, key); this.H = new byte[16]; this.cipher.ProcessBlock(this.H, 0, this.H, 0); this.multiplier.Init(this.H); this.exp = null; } else if (this.H == null) { throw new ArgumentException("Key must be specified in initial init"); } this.J0 = new byte[16]; if (this.nonce.Length == 12) { Array.Copy(this.nonce, 0, this.J0, 0, this.nonce.Length); this.J0[15] = 1; } else { this.gHASH(this.J0, this.nonce, this.nonce.Length); byte[] array2 = new byte[16]; Pack.UInt64_To_BE((ulong)((long)this.nonce.Length * 8L), array2, 8); this.gHASHBlock(this.J0, array2); } this.S = new byte[16]; this.S_at = new byte[16]; this.S_atPre = new byte[16]; this.atBlock = new byte[16]; this.atBlockPos = 0; this.atLength = 0UL; this.atLengthPre = 0UL; this.counter = Arrays.Clone(this.J0); this.blocksRemaining = 4294967294U; this.bufOff = 0; this.totalLength = 0UL; if (this.initialAssociatedText != null) { this.ProcessAadBytes(this.initialAssociatedText, 0, this.initialAssociatedText.Length); } }
public override CmsTypedStream GetContentStream(ICipherParameters key) { KeyParameter sKey = this.UnwrapKey(key); return(base.GetContentFromSessionKey(sKey)); }
private static Stream emitAesBackupHeader(StringBuilder headerbuf, Stream ofstream, String encryptionPassword, bool useUtf8) { // User key will be used to encrypt the master key. byte[] newUserSalt = AndroidBackup.randomBytes(PBKDF2_SALT_SIZE); byte[] userKey = AndroidBackup.buildPasswordKey(encryptionPassword, newUserSalt, PBKDF2_HASH_ROUNDS, useUtf8); // the master key is random for each backup byte[] masterPw = new byte[(MASTER_KEY_SIZE / 8)]; random.NextBytes(masterPw); byte[] checksumSalt = AndroidBackup.randomBytes(PBKDF2_SALT_SIZE); //// primary encryption of the datastream with the random key //IBufferedCipher c = CipherUtilities.GetCipher("AES"); //AesEngine aes = new AesEngine(); //var spec1 = ParameterUtilities.CreateKeyParameter("AES256", masterPw); ////var parameters1 = new ParametersWithIV(spec1, new byte[128]); // Block size == IV size == 16 in BouncyCastle for AES //c.Init(true, spec1); AesEngine engine = new AesEngine(); CbcBlockCipher blockCipher = new CbcBlockCipher(engine); //CBC PaddedBufferedBlockCipher cipher = new PaddedBufferedBlockCipher(blockCipher); //Default scheme is PKCS5/PKCS7 KeyParameter keyParam = new KeyParameter(masterPw); ParametersWithIV keyParamWithIV = new ParametersWithIV(keyParam, AndroidBackup.randomBytes(blockCipher.GetBlockSize() * 8), 0, blockCipher.GetBlockSize()); // Encrypt cipher.Init(true, keyParamWithIV); Stream finalOutput = new CipherStream(ofstream, null, cipher); // line 4: name of encryption algorithm headerbuf.Append(ENCRYPTION_ALGORITHM_NAME); headerbuf.Append('\n'); // line 5: user password salt [hex] headerbuf.Append(AndroidBackup.toHex(newUserSalt)); headerbuf.Append('\n'); // line 6: master key checksum salt [hex] headerbuf.Append(AndroidBackup.toHex(checksumSalt)); headerbuf.Append('\n'); // line 7: number of PBKDF2 rounds used [decimal] headerbuf.Append(PBKDF2_HASH_ROUNDS); headerbuf.Append('\n'); // line 8: IV of the user key [hex] //IBufferedCipher mkC = CipherUtilities.GetCipher(ENCRYPTION_MECHANISM); //Cipher mkC = Cipher.getInstance(ENCRYPTION_MECHANISM); //mkC.init(Cipher.ENCRYPT_MODE, userKey); AesEngine engine2 = new AesEngine(); CbcBlockCipher blockCipher2 = new CbcBlockCipher(engine2); //CBC PaddedBufferedBlockCipher mkC = new PaddedBufferedBlockCipher(blockCipher2); //Default scheme is PKCS5/PKCS7 KeyParameter keyParam2 = new KeyParameter(userKey); ParametersWithIV keyParamWithIV2 = new ParametersWithIV(keyParam2, AndroidBackup.randomBytes(blockCipher.GetBlockSize() * 8), 0, blockCipher2.GetBlockSize()); // Encrypt mkC.Init(true, keyParamWithIV2); byte[] IV = keyParamWithIV2.GetIV(); headerbuf.Append(AndroidBackup.toHex(IV)); headerbuf.Append('\n'); // line 9: master IV + key blob, encrypted by the user key [hex]. Blob // format: // [byte] IV Length = Niv // [array of Niv bytes] IV itself // [byte] master key Length = Nmk // [array of Nmk bytes] master key itself // [byte] MK checksum hash Length = Nck // [array of Nck bytes] master key checksum hash // // The checksum is the (master key + checksum salt), run through the // stated number of PBKDF2 rounds IV = keyParamWithIV.GetIV(); byte[] mk = keyParam.GetKey(); byte[] checksum = AndroidBackup.makeKeyChecksum(mk, checksumSalt, PBKDF2_HASH_ROUNDS, useUtf8); MemoryStream mkOut = new MemoryStream(IV.Length + (mk.Length + (checksum.Length + 3))); //DataOutputStream mkOut = new DataOutputStream(blob); mkOut.WriteByte((byte)IV.Length); mkOut.Write(IV, 0, IV.Length); mkOut.WriteByte((byte)mk.Length); mkOut.Write(mk, 0, mk.Length); mkOut.WriteByte((byte)checksum.Length); mkOut.Write(checksum, 0, checksum.Length); mkOut.Flush(); byte[] encryptedMk = mkC.DoFinal(mkOut.GetBuffer()); headerbuf.Append(AndroidBackup.toHex(encryptedMk)); headerbuf.Append('\n'); return(finalOutput); }
public override void PerformTest() { IBlockCipher cipher = new AesEngine(); IMac mac = new CMac(cipher, 128); //128 bytes key KeyParameter key = new KeyParameter(keyBytes128); // 0 bytes message - 128 bytes key mac.Init(key); mac.BlockUpdate(input0, 0, input0.Length); byte[] outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k128_m0)) { Fail("Failed - expected " + Hex.ToHexString(output_k128_m0) + " got " + Hex.ToHexString(outBytes)); } // 16 bytes message - 128 bytes key mac.Init(key); mac.BlockUpdate(input16, 0, input16.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k128_m16)) { Fail("Failed - expected " + Hex.ToHexString(output_k128_m16) + " got " + Hex.ToHexString(outBytes)); } // 40 bytes message - 128 bytes key mac.Init(key); mac.BlockUpdate(input40, 0, input40.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k128_m40)) { Fail("Failed - expected " + Hex.ToHexString(output_k128_m40) + " got " + Hex.ToHexString(outBytes)); } // 64 bytes message - 128 bytes key mac.Init(key); mac.BlockUpdate(input64, 0, input64.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k128_m64)) { Fail("Failed - expected " + Hex.ToHexString(output_k128_m64) + " got " + Hex.ToHexString(outBytes)); } //192 bytes key key = new KeyParameter(keyBytes192); // 0 bytes message - 192 bytes key mac.Init(key); mac.BlockUpdate(input0, 0, input0.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k192_m0)) { Fail("Failed - expected " + Hex.ToHexString(output_k192_m0) + " got " + Hex.ToHexString(outBytes)); } // 16 bytes message - 192 bytes key mac.Init(key); mac.BlockUpdate(input16, 0, input16.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k192_m16)) { Fail("Failed - expected " + Hex.ToHexString(output_k192_m16) + " got " + Hex.ToHexString(outBytes)); } // 40 bytes message - 192 bytes key mac.Init(key); mac.BlockUpdate(input40, 0, input40.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k192_m40)) { Fail("Failed - expected " + Hex.ToHexString(output_k192_m40) + " got " + Hex.ToHexString(outBytes)); } // 64 bytes message - 192 bytes key mac.Init(key); mac.BlockUpdate(input64, 0, input64.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k192_m64)) { Fail("Failed - expected " + Hex.ToHexString(output_k192_m64) + " got " + Hex.ToHexString(outBytes)); } //256 bytes key key = new KeyParameter(keyBytes256); // 0 bytes message - 256 bytes key mac.Init(key); mac.BlockUpdate(input0, 0, input0.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k256_m0)) { Fail("Failed - expected " + Hex.ToHexString(output_k256_m0) + " got " + Hex.ToHexString(outBytes)); } // 16 bytes message - 256 bytes key mac.Init(key); mac.BlockUpdate(input16, 0, input16.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k256_m16)) { Fail("Failed - expected " + Hex.ToHexString(output_k256_m16) + " got " + Hex.ToHexString(outBytes)); } // 40 bytes message - 256 bytes key mac.Init(key); mac.BlockUpdate(input40, 0, input40.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k256_m40)) { Fail("Failed - expected " + Hex.ToHexString(output_k256_m40) + " got " + Hex.ToHexString(outBytes)); } // 64 bytes message - 256 bytes key mac.Init(key); mac.BlockUpdate(input64, 0, input64.Length); outBytes = new byte[16]; mac.DoFinal(outBytes, 0); if (!AreEqual(outBytes, output_k256_m64)) { Fail("Failed - expected " + Hex.ToHexString(output_k256_m64) + " got " + Hex.ToHexString(outBytes)); } TestExceptions(); }
private static AlgorithmIdentifier DetermineKeyEncAlg( string algorithm, KeyParameter key) { if (BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.StartsWith(algorithm, "DES")) { return(new AlgorithmIdentifier( PkcsObjectIdentifiers.IdAlgCms3DesWrap, DerNull.Instance)); } else if (BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.StartsWith(algorithm, "RC2")) { return(new AlgorithmIdentifier( PkcsObjectIdentifiers.IdAlgCmsRC2Wrap, new DerInteger(58))); } else if (BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.StartsWith(algorithm, "AES")) { int length = key.GetKey().Length * 8; DerObjectIdentifier wrapOid; if (length == 128) { wrapOid = NistObjectIdentifiers.IdAes128Wrap; } else if (length == 192) { wrapOid = NistObjectIdentifiers.IdAes192Wrap; } else if (length == 256) { wrapOid = NistObjectIdentifiers.IdAes256Wrap; } else { throw new ArgumentException("illegal keysize in AES"); } return(new AlgorithmIdentifier(wrapOid)); // parameters absent } else if (BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.StartsWith(algorithm, "SEED")) { // parameters absent return(new AlgorithmIdentifier(KisaObjectIdentifiers.IdNpkiAppCmsSeedWrap)); } else if (BestHTTP.SecureProtocol.Org.BouncyCastle.Utilities.Platform.StartsWith(algorithm, "CAMELLIA")) { int length = key.GetKey().Length * 8; DerObjectIdentifier wrapOid; if (length == 128) { wrapOid = NttObjectIdentifiers.IdCamellia128Wrap; } else if (length == 192) { wrapOid = NttObjectIdentifiers.IdCamellia192Wrap; } else if (length == 256) { wrapOid = NttObjectIdentifiers.IdCamellia256Wrap; } else { throw new ArgumentException("illegal keysize in Camellia"); } return(new AlgorithmIdentifier(wrapOid)); // parameters must be absent } else { throw new ArgumentException("unknown algorithm"); } }
/// <summary> /// Encrypt scoped PDU using DES encryption protocol /// </summary> /// <param name="unencryptedData">Unencrypted scoped PDU byte array</param> /// <param name="key">Encryption key. Key has to be at least 32 bytes is length</param> /// <param name="privacyParameters">Privacy parameters out buffer. This field will be filled in with information /// required to decrypt the information. Output length of this field is 8 bytes and space has to be reserved /// in the USM header to store this information</param> /// <returns>Encrypted byte array</returns> /// <exception cref="ArgumentOutOfRangeException">Thrown when encryption key is null or length of the encryption key is too short.</exception> public static byte[] Encrypt(byte[] unencryptedData, byte[] key, byte[] privacyParameters) { if (unencryptedData == null) { throw new ArgumentNullException(nameof(unencryptedData)); } if (key == null) { throw new ArgumentNullException(nameof(key)); } if (privacyParameters == null) { throw new ArgumentNullException(nameof(privacyParameters)); } if (key.Length < MinimumKeyLength) { throw new ArgumentException($"Encryption key length has to 32 bytes or more. Current: {key.Length}.", nameof(key)); } var iv = GetIV(key, privacyParameters); // DES uses 8 byte keys but we need 16 to encrypt ScopedPdu. Get first 8 bytes and use them as encryption key var outKey = GetKey(key); var div = (int)Math.Floor(unencryptedData.Length / 8.0); if ((unencryptedData.Length % 8) != 0) { div += 1; } var newLength = div * 8; var result = new byte[newLength]; var buffer = new byte[newLength]; var inbuffer = new byte[8]; var outbuffer = new byte[16]; var cipherText = iv; var posIn = 0; var posResult = 0; Buffer.BlockCopy(unencryptedData, 0, buffer, 0, unencryptedData.Length); // Encrypt using BouncyCastle var blockCipher = new DesEngine(); var paddedCipher = new PaddedBufferedBlockCipher(blockCipher, new ZeroBytePadding()); var cipherParameters = new KeyParameter(outKey); paddedCipher.Init(true, cipherParameters); for (var b = 0; b < div; b++) { for (var i = 0; i < 8; i++) { inbuffer[i] = (byte)(buffer[posIn] ^ cipherText[i]); posIn++; } paddedCipher.DoFinal(inbuffer, outbuffer, 0); Buffer.BlockCopy(outbuffer, 0, cipherText, 0, cipherText.Length); Buffer.BlockCopy(cipherText, 0, result, posResult, cipherText.Length); posResult += cipherText.Length; } return(result); }
public virtual void Init( bool forEncryption, ICipherParameters parameters) { this.forEncryption = forEncryption; this.macSize = 16; // TODO Make configurable? this.macBlock = null; // TODO If macSize limitation is removed, be very careful about bufBlock int bufLength = forEncryption ? BlockSize : (BlockSize + macSize); this.bufBlock = new byte[bufLength]; if (parameters is AeadParameters) { AeadParameters param = (AeadParameters)parameters; nonce = param.GetNonce(); A = param.GetAssociatedText(); // macSize = param.getMacSize() / 8; if (param.MacSize != 128) { // TODO Make configurable? throw new ArgumentException("only 128-bit MAC supported currently"); } keyParam = param.Key; } else if (parameters is ParametersWithIV) { ParametersWithIV param = (ParametersWithIV)parameters; nonce = param.GetIV(); A = null; keyParam = (KeyParameter)param.Parameters; } else { throw new ArgumentException("invalid parameters passed to GCM"); } if (nonce == null || nonce.Length < 1) { throw new ArgumentException("IV must be at least 1 byte"); } if (A == null) { // Avoid lots of null checks A = new byte[0]; } // Cipher always used input forward mode cipher.Init(true, keyParam); // TODO This should be configurable by Init parameters // (but must be 16 if nonce length not 12) (BlockSize?) // this.tagLength = 16; byte[] h = new byte[BlockSize]; cipher.ProcessBlock(Zeroes, 0, h, 0); //trace("H: " + new string(Hex.encode(h))); this.H = new BigInteger(1, h); this.initS = gHASH(A, false); if (nonce.Length == 12) { this.J0 = new byte[16]; Array.Copy(nonce, 0, J0, 0, nonce.Length); this.J0[15] = 0x01; } else { BigInteger N = gHASH(nonce, true); BigInteger X = BigInteger.ValueOf(nonce.Length * 8); //trace("len({})||len(IV): " + dumpBigInt(X)); N = multiply(N.Xor(X), H); //trace("GHASH(H,{},IV): " + dumpBigInt(N)); this.J0 = asBlock(N); } this.S = initS; this.counter = Arrays.Clone(J0); //trace("Y" + yCount + ": " + new string(Hex.encode(counter))); this.bufOff = 0; this.totalLength = 0; }
/// <exception cref="IOException"></exception> public TlsStreamCipher(TlsContext context, IStreamCipher clientWriteCipher, IStreamCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize, bool usesNonce) { bool isServer = context.IsServer; this.context = context; this.usesNonce = usesNonce; this.encryptCipher = clientWriteCipher; this.decryptCipher = serverWriteCipher; int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize() + serverWriteDigest.GetDigestSize(); byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size); int offset = 0; // Init MACs TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset, clientWriteDigest.GetDigestSize()); offset += clientWriteDigest.GetDigestSize(); TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset, serverWriteDigest.GetDigestSize()); offset += serverWriteDigest.GetDigestSize(); // Build keys KeyParameter clientWriteKey = new KeyParameter(key_block, offset, cipherKeySize); offset += cipherKeySize; KeyParameter serverWriteKey = new KeyParameter(key_block, offset, cipherKeySize); offset += cipherKeySize; if (offset != key_block_size) { throw new TlsFatalAlert(AlertDescription.internal_error); } ICipherParameters encryptParams, decryptParams; if (isServer) { this.writeMac = serverWriteMac; this.readMac = clientWriteMac; this.encryptCipher = serverWriteCipher; this.decryptCipher = clientWriteCipher; encryptParams = serverWriteKey; decryptParams = clientWriteKey; } else { this.writeMac = clientWriteMac; this.readMac = serverWriteMac; this.encryptCipher = clientWriteCipher; this.decryptCipher = serverWriteCipher; encryptParams = clientWriteKey; decryptParams = serverWriteKey; } if (usesNonce) { byte[] dummyNonce = new byte[8]; encryptParams = new ParametersWithIV(encryptParams, dummyNonce); decryptParams = new ParametersWithIV(decryptParams, dummyNonce); } this.encryptCipher.Init(true, encryptParams); this.decryptCipher.Init(false, decryptParams); }
public static void SendKeyDown(IntPtr windowHandle, byte virtualKey) { var scanCode = GetScanCode(virtualKey); var keyParameter = new KeyParameter(1, scanCode, false, false, false, false); NativeMethods.PostMessage(windowHandle, (uint)KeyboardCommand.KeyDown, new UIntPtr(virtualKey), keyParameter.ToLParam()); }
/// <exception cref="IOException"></exception> public TlsBlockCipher(TlsContext context, IBlockCipher clientWriteCipher, IBlockCipher serverWriteCipher, IDigest clientWriteDigest, IDigest serverWriteDigest, int cipherKeySize) { this.context = context; this.randomData = new byte[256]; context.NonceRandomGenerator.NextBytes(randomData); this.useExplicitIV = TlsUtilities.IsTlsV11(context); this.encryptThenMac = context.SecurityParameters.encryptThenMac; int key_block_size = (2 * cipherKeySize) + clientWriteDigest.GetDigestSize() + serverWriteDigest.GetDigestSize(); // From TLS 1.1 onwards, block ciphers don't need client_write_IV if (!useExplicitIV) { key_block_size += clientWriteCipher.GetBlockSize() + serverWriteCipher.GetBlockSize(); } byte[] key_block = TlsUtilities.CalculateKeyBlock(context, key_block_size); int offset = 0; TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset, clientWriteDigest.GetDigestSize()); offset += clientWriteDigest.GetDigestSize(); TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset, serverWriteDigest.GetDigestSize()); offset += serverWriteDigest.GetDigestSize(); KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize); offset += cipherKeySize; KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize); offset += cipherKeySize; byte[] client_write_IV, server_write_IV; if (useExplicitIV) { client_write_IV = new byte[clientWriteCipher.GetBlockSize()]; server_write_IV = new byte[serverWriteCipher.GetBlockSize()]; } else { client_write_IV = Arrays.CopyOfRange(key_block, offset, offset + clientWriteCipher.GetBlockSize()); offset += clientWriteCipher.GetBlockSize(); server_write_IV = Arrays.CopyOfRange(key_block, offset, offset + serverWriteCipher.GetBlockSize()); offset += serverWriteCipher.GetBlockSize(); } if (offset != key_block_size) { throw new TlsFatalAlert(AlertDescription.internal_error); } ICipherParameters encryptParams, decryptParams; if (context.IsServer) { this.mWriteMac = serverWriteMac; this.mReadMac = clientWriteMac; this.encryptCipher = serverWriteCipher; this.decryptCipher = clientWriteCipher; encryptParams = new ParametersWithIV(server_write_key, server_write_IV); decryptParams = new ParametersWithIV(client_write_key, client_write_IV); } else { this.mWriteMac = clientWriteMac; this.mReadMac = serverWriteMac; this.encryptCipher = clientWriteCipher; this.decryptCipher = serverWriteCipher; encryptParams = new ParametersWithIV(client_write_key, client_write_IV); decryptParams = new ParametersWithIV(server_write_key, server_write_IV); } this.encryptCipher.Init(true, encryptParams); this.decryptCipher.Init(false, decryptParams); }
private void checkVectors( int count, CcmBlockCipher ccm, string additionalDataType, byte[] k, int macSize, byte[] n, byte[] a, byte[] sa, byte[] p, byte[] t, byte[] c) { KeyParameter keyParam = (k == null) ? null : new KeyParameter(k); ccm.Init(true, new AeadParameters(keyParam, macSize, n, a)); byte[] enc = new byte[c.Length]; if (sa != null) { ccm.ProcessAadBytes(sa, 0, sa.Length); } int len = ccm.ProcessBytes(p, 0, p.Length, enc, 0); len += ccm.DoFinal(enc, len); // ccm.Init(true, new AeadParameters(new KeyParameter(k), macSize, n, a)); // // byte[] enc = ccm.ProcessPacket(p, 0, p.Length); if (!AreEqual(c, enc)) { Fail("encrypted stream fails to match in test " + count + " with " + additionalDataType); } // ccm.Init(false, new AeadParameters(new KeyParameter(k), macSize, n, a)); // // byte[] dec = ccm.ProcessPacket(enc, 0, enc.Length); ccm.Init(false, new AeadParameters(new KeyParameter(k), macSize, n, a)); byte[] tmp = new byte[enc.Length]; if (sa != null) { ccm.ProcessAadBytes(sa, 0, sa.Length); } len = ccm.ProcessBytes(enc, 0, enc.Length, tmp, 0); len += ccm.DoFinal(tmp, len); byte[] dec = new byte[len]; Array.Copy(tmp, 0, dec, 0, len); if (!AreEqual(p, dec)) { Fail("decrypted stream fails to match in test " + count + " with " + additionalDataType, Hex.ToHexString(p), Hex.ToHexString(dec)); } if (!AreEqual(t, ccm.GetMac())) { Fail("MAC fails to match in test " + count + " with " + additionalDataType); } }
/** * decrypt the content and return an input stream. */ public override CmsTypedStream GetContentStream( // Key key) ICipherParameters key) { if (!(key is AsymmetricKeyParameter)) { throw new ArgumentException("KeyAgreement requires asymmetric key", "key"); } AsymmetricKeyParameter privKey = (AsymmetricKeyParameter)key; if (!privKey.IsPrivate) { throw new ArgumentException("Expected private key", "key"); } try { OriginatorPublicKey origK = _info.Originator.OriginatorKey; PrivateKeyInfo privInfo = PrivateKeyInfoFactory.CreatePrivateKeyInfo(privKey); SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(privInfo.AlgorithmID, origK.PublicKey.GetBytes()); AsymmetricKeyParameter pubKey = PublicKeyFactory.CreateKey(pubInfo); string wrapAlg = DerObjectIdentifier.GetInstance( Asn1Sequence.GetInstance(_keyEncAlg.Parameters)[0]).Id; IBasicAgreement agreement = AgreementUtilities.GetBasicAgreementWithKdf( _keyEncAlg.ObjectID, wrapAlg); agreement.Init(privKey); BigInteger wKeyNum = agreement.CalculateAgreement(pubKey); // TODO Fix the way bytes are derived from the secret byte[] wKeyBytes = wKeyNum.ToByteArrayUnsigned(); KeyParameter wKey = ParameterUtilities.CreateKeyParameter(wrapAlg, wKeyBytes); IWrapper keyCipher = WrapperUtilities.GetWrapper(wrapAlg); keyCipher.Init(false, wKey); AlgorithmIdentifier aid = _encAlg; string alg = aid.ObjectID.Id; byte[] encryptedKey = _encryptedKey.GetOctets(); byte[] sKeyBytes = keyCipher.Unwrap(encryptedKey, 0, encryptedKey.Length); KeyParameter sKey = ParameterUtilities.CreateKeyParameter(alg, sKeyBytes); return(GetContentFromSessionKey(sKey)); } catch (SecurityUtilityException e) { throw new CmsException("couldn't create cipher.", e); } catch (InvalidKeyException e) { throw new CmsException("key invalid in message.", e); } catch (Exception e) { throw new CmsException("originator key invalid.", e); } }
public ParametersWithIV(KeyParameter random, byte[] getEncoded, int i, int i1) : base(null, 0) { throw new System.NotImplementedException(); }
public override KdfParameters GetBestParameters(uint uMilliseconds) { const ulong uStep = 3001; ulong uRounds; KdfParameters p = GetDefaultParameters(); // Try native method if (NativeLib.TransformKeyBenchmark256(uMilliseconds, out uRounds)) { p.SetUInt64(ParamRounds, uRounds); return(p); } byte[] pbKey = new byte[32]; byte[] pbNewKey = new byte[32]; for (int i = 0; i < pbKey.Length; ++i) { pbKey[i] = (byte)i; pbNewKey[i] = (byte)i; } #if KeePassUAP KeyParameter kp = new KeyParameter(pbKey); AesEngine aes = new AesEngine(); aes.Init(true, kp); #else byte[] pbIV = new byte[16]; Array.Clear(pbIV, 0, pbIV.Length); RijndaelManaged r = new RijndaelManaged(); if (r.BlockSize != 128) // AES block size { Debug.Assert(false); r.BlockSize = 128; } r.IV = pbIV; r.Mode = CipherMode.ECB; r.KeySize = 256; r.Key = pbKey; ICryptoTransform iCrypt = r.CreateEncryptor(); // !iCrypt.CanReuseTransform -- doesn't work with Mono if ((iCrypt == null) || (iCrypt.InputBlockSize != 16) || (iCrypt.OutputBlockSize != 16)) { Debug.Assert(false, "Invalid ICryptoTransform."); Debug.Assert(iCrypt.InputBlockSize == 16, "Invalid input block size!"); Debug.Assert(iCrypt.OutputBlockSize == 16, "Invalid output block size!"); p.SetUInt64(ParamRounds, PwDefs.DefaultKeyEncryptionRounds); return(p); } #endif uRounds = 0; int tStart = Environment.TickCount; while (true) { for (ulong j = 0; j < uStep; ++j) { #if KeePassUAP aes.ProcessBlock(pbNewKey, 0, pbNewKey, 0); aes.ProcessBlock(pbNewKey, 16, pbNewKey, 16); #else iCrypt.TransformBlock(pbNewKey, 0, 16, pbNewKey, 0); iCrypt.TransformBlock(pbNewKey, 16, 16, pbNewKey, 16); #endif } uRounds += uStep; if (uRounds < uStep) // Overflow check { uRounds = ulong.MaxValue; break; } uint tElapsed = (uint)(Environment.TickCount - tStart); if (tElapsed > uMilliseconds) { break; } } p.SetUInt64(ParamRounds, uRounds); return(p); }
public static void SendShiftKeyUp(IntPtr windowHandle) { var virtualKey = VK_SHIFT; var scanCode = GetScanCode(virtualKey); var keyParameter = new KeyParameter(1, scanCode, false, false, true, true); NativeMethods.PostMessage(windowHandle, (uint)KeyboardCommand.KeyUp, new UIntPtr(virtualKey), keyParameter.ToLParam()); }